package org.kuali.rice.krad.web.bind;

import java.beans.PropertyEditor;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.ObjectUtils;
import org.apache.log4j.Logger;
import org.eclipse.persistence.internal.helper.Helper;
import org.kuali.rice.core.api.CoreApiServiceLocator;
import org.kuali.rice.core.api.encryption.EncryptionService;
import org.kuali.rice.krad.uif.lifecycle.ViewPostMetadata;
import org.kuali.rice.krad.uif.util.CopyUtils;
import org.kuali.rice.krad.uif.util.ObjectPropertyUtils;
import org.kuali.rice.krad.uif.view.ViewModel;
import org.kuali.rice.krad.util.KRADUtils;
import org.springframework.beans.BeanWrapperImpl;
import org.springframework.beans.BeansException;
import org.springframework.beans.NotReadablePropertyException;
import org.springframework.beans.NullValueInNestedPathException;
import org.springframework.beans.PropertyAccessorUtils;
import org.springframework.beans.PropertyValue;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

/* loaded from: input_file:WEB-INF/lib/rice-krad-web-framework-2.6.0-1602.0021-SNAPSHOT.jar:org/kuali/rice/krad/web/bind/UifViewBeanWrapper.class */
public class UifViewBeanWrapper extends UifBeanWrapper {
    private static Logger LOG = Logger.getLogger(UifViewBeanWrapper.class);
    private Set<String> processedProperties;
    private final UifBeanPropertyBindingResult bindingResult;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/rice-krad-web-framework-2.6.0-1602.0021-SNAPSHOT.jar:org/kuali/rice/krad/web/bind/UifViewBeanWrapper$PropertyTokenHolder.class */
    public static class PropertyTokenHolder {
        public String canonicalName;
        public String actualName;
        public String[] keys;

        private PropertyTokenHolder() {
        }
    }

    public UifViewBeanWrapper(ViewModel viewModel, UifBeanPropertyBindingResult uifBeanPropertyBindingResult) {
        super(viewModel);
        this.bindingResult = uifBeanPropertyBindingResult;
        this.processedProperties = new HashSet();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.kuali.rice.krad.web.bind.UifBeanWrapper
    public Object getPropertyValue(String str, boolean z) {
        registerEditorFromView(str);
        return super.getPropertyValue(str, z);
    }

    protected void registerEditorFromView(String str) {
        if (this.processedProperties.contains(str)) {
            return;
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("Attempting to find property editor for property '" + str + "'");
        }
        ViewPostMetadata viewPostMetadata = ((ViewModel) getWrappedInstance()).getViewPostMetadata();
        if (viewPostMetadata == null) {
            return;
        }
        PropertyEditor fieldEditor = viewPostMetadata.getFieldEditor(str);
        if (fieldEditor != null) {
            registerCustomEditor(null, str, fieldEditor);
        }
        this.processedProperties.add(str);
    }

    @Override // org.kuali.rice.krad.web.bind.UifBeanWrapper, org.springframework.beans.BeanWrapperImpl, org.springframework.beans.AbstractPropertyAccessor, org.springframework.beans.PropertyAccessor
    public void setPropertyValue(PropertyValue propertyValue) throws BeansException {
        if (checkPropertyBindingAccess(propertyValue.getName())) {
            PropertyValue propertyValue2 = new PropertyValue(propertyValue, processValueBeforeSet(propertyValue.getName(), propertyValue.getValue()));
            boolean z = true;
            Object obj = null;
            if (this.bindingResult.isChangeTracking()) {
                try {
                    obj = getPropertyValue(propertyValue2.getName(), true);
                } catch (Exception e) {
                    z = false;
                }
            }
            super.setPropertyValue(propertyValue2);
            if (this.bindingResult.isChangeTracking() && z) {
                try {
                    if (ObjectUtils.notEqual(obj, getPropertyValue(propertyValue2.getName()))) {
                        this.bindingResult.addModifiedPath(propertyValue2.getName());
                    }
                } catch (Exception e2) {
                }
            }
        }
    }

    @Override // org.kuali.rice.krad.web.bind.UifBeanWrapper, org.springframework.beans.BeanWrapperImpl, org.springframework.beans.AbstractPropertyAccessor, org.springframework.beans.PropertyAccessor
    public void setPropertyValue(String str, Object obj) throws BeansException {
        if (checkPropertyBindingAccess(str)) {
            Object processValueBeforeSet = processValueBeforeSet(str, obj);
            boolean z = true;
            Object obj2 = null;
            try {
                obj2 = getPropertyValue(str, true);
            } catch (Exception e) {
                z = false;
            }
            super.setPropertyValue(str, processValueBeforeSet);
            if (z) {
                try {
                    if (ObjectUtils.notEqual(obj2, getPropertyValue(str))) {
                        this.bindingResult.addModifiedPath(str);
                    }
                } catch (Exception e2) {
                }
            }
        }
    }

    protected boolean checkPropertyBindingAccess(String str) {
        boolean z = false;
        Boolean checkBindingAnnotationsInPath = checkBindingAnnotationsInPath(str);
        if (checkBindingAnnotationsInPath != null) {
            z = checkBindingAnnotationsInPath.booleanValue();
        } else {
            ViewPostMetadata viewPostMetadata = ((ViewModel) getWrappedInstance()).getViewPostMetadata();
            if (viewPostMetadata != null && viewPostMetadata.getAccessibleBindingPaths() != null) {
                z = viewPostMetadata.getAccessibleBindingPaths().contains(str);
                if (!z && str.contains("[")) {
                    z = viewPostMetadata.getAccessibleBindingPaths().contains(str.substring(0, str.lastIndexOf("[")) + "[*" + str.substring(str.lastIndexOf("]")));
                }
            }
        }
        if (!z) {
            LOG.debug("Request parameter sent for inaccessible binding path: " + str);
            this.bindingResult.recordSuppressedField(str);
        }
        return z;
    }

    protected Boolean checkBindingAnnotationsInPath(String str) {
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.currentRequestAttributes()).getRequest();
        while (!StringUtils.isEmpty(str)) {
            String pathTail = ObjectPropertyUtils.getPathTail(str);
            String removePathTail = ObjectPropertyUtils.removePathTail(str);
            Class<?> wrappedClass = getWrappedClass();
            if (!StringUtils.isEmpty(removePathTail)) {
                wrappedClass = ObjectPropertyUtils.getPropertyType(getWrappedInstance(), removePathTail);
            }
            if (org.apache.commons.lang.StringUtils.endsWith(pathTail, "]")) {
                pathTail = org.apache.commons.lang.StringUtils.substringBefore(pathTail, "[");
            }
            RequestProtected requestProtected = (RequestProtected) CopyUtils.getFieldAnnotation(wrappedClass, pathTail, RequestProtected.class);
            if (requestProtected != null && annotationMatchesRequestMethod(requestProtected.method(), request.getMethod())) {
                return Boolean.FALSE;
            }
            RequestAccessible requestAccessible = (RequestAccessible) CopyUtils.getFieldAnnotation(wrappedClass, pathTail, RequestAccessible.class);
            if (requestAccessible != null) {
                boolean annotationMatchesRequestMethod = annotationMatchesRequestMethod(requestAccessible.method(), request.getMethod());
                boolean annotationMatchesMethodToCalls = annotationMatchesMethodToCalls(requestAccessible.methodToCalls(), request.getParameter("methodToCall"));
                if (annotationMatchesRequestMethod && annotationMatchesMethodToCalls) {
                    return Boolean.TRUE;
                }
            }
            str = removePathTail;
        }
        return null;
    }

    protected boolean annotationMatchesMethodToCalls(String[] strArr, String str) {
        if (strArr == null || strArr.length == 0) {
            return true;
        }
        for (String str2 : strArr) {
            if (org.apache.commons.lang.StringUtils.equals(str2, str)) {
                return true;
            }
        }
        return false;
    }

    protected boolean annotationMatchesRequestMethod(RequestMethod[] requestMethodArr, String str) {
        if (requestMethodArr == null || requestMethodArr.length == 0) {
            return true;
        }
        for (RequestMethod requestMethod : requestMethodArr) {
            if (org.apache.commons.lang.StringUtils.equals(requestMethod.name(), str)) {
                return true;
            }
        }
        return false;
    }

    protected Object processValueBeforeSet(String str, Object obj) {
        registerEditorFromView(str);
        Object obj2 = obj;
        if (obj instanceof String) {
            String str2 = (String) obj;
            obj2 = StringUtils.isEmpty(str2) ? null : decryptValueIfNecessary(str, str2);
        }
        return obj2;
    }

    protected String decryptValueIfNecessary(String str, String str2) {
        boolean isSecure = isSecure(getWrappedClass(), str);
        if (org.apache.commons.lang.StringUtils.endsWith(str2, EncryptionService.ENCRYPTION_POST_PREFIX)) {
            str2 = org.apache.commons.lang.StringUtils.removeEnd(str2, EncryptionService.ENCRYPTION_POST_PREFIX);
            isSecure = true;
        }
        if (isSecure) {
            try {
                if (CoreApiServiceLocator.getEncryptionService().isEnabled()) {
                    str2 = CoreApiServiceLocator.getEncryptionService().decrypt(str2);
                }
            } catch (GeneralSecurityException e) {
                throw new RuntimeException(e);
            }
        }
        return str2;
    }

    protected boolean isSecure(Class<?> cls, String str) {
        if (KRADUtils.isSecure(str, cls)) {
            return true;
        }
        setAutoGrowNestedPaths(true);
        try {
            BeanWrapperImpl beanWrapperForPropertyPath = getBeanWrapperForPropertyPath(str);
            if (!org.apache.commons.lang.StringUtils.isNotBlank(beanWrapperForPropertyPath.getNestedPath())) {
                return false;
            }
            return isSecure(beanWrapperForPropertyPath.getWrappedClass(), org.apache.commons.lang.StringUtils.removeStart(getPropertyNameTokens(str).canonicalName, beanWrapperForPropertyPath.getNestedPath()));
        } catch (NotReadablePropertyException | NullValueInNestedPathException e) {
            LOG.debug("Bean wrapper was not found for " + str + ", but since it cannot be accessed it will not be set as secure.", e);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.kuali.rice.krad.web.bind.UifBeanWrapper, org.springframework.beans.BeanWrapperImpl
    public BeanWrapperImpl getBeanWrapperForPropertyPath(String str) {
        BeanWrapperImpl beanWrapperForPropertyPath = super.getBeanWrapperForPropertyPath(str);
        String str2 = getPropertyNameTokens(str).canonicalName;
        int firstNestedPropertySeparatorIndex = PropertyAccessorUtils.getFirstNestedPropertySeparatorIndex(str2);
        if (firstNestedPropertySeparatorIndex != -1) {
            str2 = str2.substring(0, firstNestedPropertySeparatorIndex);
        }
        copyCustomEditorsTo(beanWrapperForPropertyPath, str2);
        return beanWrapperForPropertyPath;
    }

    private PropertyTokenHolder getPropertyNameTokens(String str) {
        int indexOf;
        PropertyTokenHolder propertyTokenHolder = new PropertyTokenHolder();
        String str2 = null;
        ArrayList arrayList = new ArrayList(2);
        int i = 0;
        while (i != -1) {
            int indexOf2 = str.indexOf("[", i);
            i = -1;
            if (indexOf2 != -1 && (indexOf = str.indexOf("]", indexOf2 + "[".length())) != -1) {
                if (str2 == null) {
                    str2 = str.substring(0, indexOf2);
                }
                String substring = str.substring(indexOf2 + "[".length(), indexOf);
                if ((substring.startsWith("'") && substring.endsWith("'")) || (substring.startsWith(Helper.DEFAULT_DATABASE_DELIMITER) && substring.endsWith(Helper.DEFAULT_DATABASE_DELIMITER))) {
                    substring = substring.substring(1, substring.length() - 1);
                }
                arrayList.add(substring);
                i = indexOf + "]".length();
            }
        }
        propertyTokenHolder.actualName = str2 != null ? str2 : str;
        propertyTokenHolder.canonicalName = propertyTokenHolder.actualName;
        if (!arrayList.isEmpty()) {
            propertyTokenHolder.canonicalName += "[" + StringUtils.collectionToDelimitedString(arrayList, "][") + "]";
            propertyTokenHolder.keys = StringUtils.toStringArray(arrayList);
        }
        return propertyTokenHolder;
    }
}
